31 Dec 2021

Update of unpackers

Enigma Virtual Box unpacker

There are plenty of changes.

  • Properly detect versions 9.50..9.90
  • Unpacks files packed with 9.80 and 9.90
  • Added command-line parameter "/nodiskspace", as requested by some users. If it crashes during unpacking because it ran out of disk space, it's your problem.
  • Unpacker properly handles invalid input filename

Molebox 2.x unpacker

  • Support more versions of very old Molebox
  • Unpacking files with digital signatures should be improved
  • Some rare bugs have been fixed

Autoplay Media Studio unpacker

  • Added support for AMS version 8.5.3.0.
  • Support for Imagine MemoryEx encrypted files, as requested by someone.

What is MemoryEx?

MemoryEx is a plugin released by Imagine Programming, allowing for more advanced operations from within the Lua environment you will find in Autoplay Media Studio 8.

While it's not a very common plugin, there are several niche programs which use this plugin. For example, most programs from dindroid.com use it.

When you unpack such file, please pay attention to the "Found protected file" messages:

As you can see, unpacker created some .luac files.

Next, you will need to find a LUA decompiler and decompile these files. I suggest you try unluac, luadec or whichever LUA decompiler you prefer.

Decompiler should produce .lua file which contains all the interesting stuff. For example, part of G-Nerator code looks like this:

That's all folks, have fun using it!

As always - if you notice any bugs, please report them. And most importantly - Happy New Year everybody! smile

5 thoughts on “Update of unpackers

  1. Hello, i want to unpack an .exe file but none of these unpackers worked, whats the solution for my problem?
    The file in question is this:
    {hidden link}

    • Hi,
      your file is packed first with Molebox 2.x and then Enigma Protector. There is no automatic unpacker for Enigma Protector.

      If you manually unpack Enigma Protector, then my unpacker will be able to unpack Molebox and extract all the files.

      Easier solution would be to use Virtual File System Editor by Extreme Coders. It will unpack all embedded files but not the main executable.

      • Hello kao , just want to ask about Virtual file System Editor - By Extreme coders. Is it the same method in your unpacker?

        • No, they are totally different.

          Virtual File System Editor needs you to run the file and then extracts data files from process memory. Benefits - it can handle unknown protections or combinations of packers. Drawbacks - it can't unpack main file and it's not safe to use on malicious files.

          All my unpackers are static - they never run the file. So, they are safer to use but can only extract files from known protections. They can also extract main file and bundled registry keys.

Leave a Reply

  • Be nice to me and everyone else.
  • If you are reporting a problem in my tool, please upload the file which causes the problem.
    I can`t help you without seeing the file.
  • Links in comments are visible only to me. Other visitors cannot see them.

Your email address will not be published.

 −  2  =  four